Changelog for
selinux-tools-3.4-3.65.x86_64.rpm :
* Thu Jul 07 2022 Johannes Segitz
- Fixed initrd check in selinux-ready (bnc#1186127)
* Tue May 31 2022 Johannes Segitz - Added restorecon_pin_file.patch. Fixes issus when running fixfiles/restorecon
* Mon May 09 2022 Johannes Segitz - Update to version 3.4:
* Use PCRE2 by default
* Make selinux_log() and is_context_customizable() thread-safe
* Prevent leakeing file descriptors
* Correctly hash specfiles larger than 4G- Refreshed skip_cycles.patch
* Tue Feb 15 2022 Johannes Segitz - Add Requires for exact libselinux1 version for selinux-tools- Simplyfied check for correct boot paramaters in selinux-ready (bsc#1195361)
* Thu Nov 11 2021 Johannes Segitz - Update to version 3.3:
* Lots of smaller issues fixed found by fuzzing
* Sun Jul 18 2021 Callum Farmer - Add missing libselinux-utils Provides to selinux-tools so that %selinux_requires works
* Mon Apr 26 2021 Johannes Segitz - Remove Recommends for selinux-autorelabel. It\'s better to have this in the policy package itself (bsc#1181837)
* Wed Mar 17 2021 Dominique Leuenberger - Switch to pcre2: + Replace pcre-devel BuildRequires with pkgconfig(libpcre2-8) + Pass USE_PCRE2=y to make. + Replace pkgconfig(libpcre) Requires in -devel static with pkgconfig(libpcre2-8).
* Tue Mar 09 2021 Johannes Segitz - Update to version 3.2:
* Use mmap()\'ed kernel status page instead of netlink by default. See \"KERNEL STATUS PAGE\" section in avc_init(3) for more details.
* New log callback levels for enforcing and policy load notices - SELINUX_POLICYLOAD, SELINUX_SETENFORCE
* Changed userspace AVC setenforce and policy load messages to audit format.
* Sat Feb 06 2021 Matej Cepl - Add Recommends: selinux-autorelabel, which is very important for healthy use of the SELinux on the system (/.autorelabel mechanism) (bsc#1181837).
* Thu Oct 29 2020 Ludwig Nussel - install to /usr (boo#1029961)
* Tue Jul 14 2020 Johannes Segitz - Update to version 3.1:
* selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were removed. All userspace object managers should have been updated to use the dynamic class/perm mapping support. Use string_to_security_class(3) and string_to_av_perm(3) to map the class and permission names to their policy values, or selinux_set_mapping(3) to create a mapping from class and permission index values used by the application to the policy values.
* Removed restrictions in libsepol and checkpolicy that required all declared initial SIDs to be assigned a context.
* Support for new policy capability genfs_seclabel_symlinks
* selinuxfs is mounted with noexec and nosuid
* `security_compute_user()` was deprecated
* Thu Mar 26 2020 Johannes Segitz - Added skip_cycles.patch to skip directory cycles and not error out
* Tue Mar 03 2020 Johannes Segitz - Update to version 3.0
* Ignore the stem when looking up all matches in file context
* Save digest of all partial matches for directory
* Use Python distutils to install SELinux python bindings
* ensure that digest_len is not zero
* fix string conversion of unknown perms
* mark all exported function \"extern\" Dropped Use-Python-distutils-to-install-SELinux.patch, included upstream
* Wed Nov 13 2019 Johannes Segitz - Added Use-Python-distutils-to-install-SELinux.patch to use Python\'s distutils instead of building and installing python bindings manually
* Mon Jun 03 2019 - In selinux-ready
* Removed check for selinux-policy package as we don\'t ship one (bsc#1136845)
* Add check that restorecond is installed and enabled
* Fri May 24 2019 - Set License: to correct value (bsc#1135710)
* Thu Apr 25 2019 Martin Liška - Disable LTO (boo#1133244).
* Wed Mar 20 2019 jsegitzAATTsuse.com- Update to version 2.9
* Add security_reject_unknown(3) man page
* Change matchpathcon usage to match with matchpathcon manpage
* Do not define gettid() if glibc >= 2.30 is used
* Fix RESOURCE_LEAK defects reported by coverity scan
* Fix line wrapping in selabel_file.5
* Do not dereference symlink with statfs in selinux_restorecon
* Fix overly strict validation of file_contexts.bin
* Fix selinux_restorecon() on non-SELinux hosts
* Fix the whatis line for the selinux_boolean_sub.3 manpage
* Fix printf format string specifier for uint64_t
* Fix handling of unknown classes/perms
* Set an appropriate errno in booleans.c- Dropped python3.patch, is now upstream
* Fri Jan 04 2019 jsegitzAATTsuse.com- Remove unneeded build requires for python3 (bsc#1120255)